www.oauth.digigante.com Open in urlscan Pro
95.217.235.49  Malicious Activity! Public Scan

URL: https://www.oauth.digigante.com/
Submission: On March 19 via automatic, source certstream-suspicious — Scanned from FI

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 15 HTTP transactions. The main IP is 95.217.235.49, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is www.oauth.digigante.com.
TLS certificate: Issued by R3 on March 19th 2023. Valid for: 3 months.
This is the only time www.oauth.digigante.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: mBank (Banking)

Domain & IP information

IP Address AS Autonomous System
15 95.217.235.49 24940 (HETZNER-AS)
15 1
Apex Domain
Subdomains
Transfer
15 digigante.com
www.oauth.digigante.com
281 KB
15 1
Domain Requested by
15 www.oauth.digigante.com www.oauth.digigante.com
15 1

This site contains no links.

Subject Issuer Validity Valid
oauth.digigante.com
R3
2023-03-19 -
2023-06-17
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.oauth.digigante.com/
Frame ID: 7A641518508F5FB0CA741C4811CEA8D6
Requests: 15 HTTP requests in this frame

Screenshot

Page Title

mBank internetové bankovnictví

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

281 kB
Transfer

375 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.oauth.digigante.com/
12 KB
4 KB
Document
General
Full URL
https://www.oauth.digigante.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.217.235.49 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.235.217.95.clients.your-server.de
Software
nginx/1.22.1 /
Resource Hash
56dbf18d92268ea06bd09b47b047b03b4a3242cfe3bf591223edf461db0489ee

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
3486
Content-Type
text/html; charset=UTF-8
Date
Sun, 19 Mar 2023 08:56:25 GMT
Server
nginx/1.22.1
Vary
Accept-Encoding
style.css
www.oauth.digigante.com/
21 KB
5 KB
Stylesheet
General
Full URL
https://www.oauth.digigante.com/style.css
Requested by
Host: www.oauth.digigante.com
URL: https://www.oauth.digigante.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.217.235.49 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.235.217.95.clients.your-server.de
Software
nginx/1.22.1 /
Resource Hash
548dc1b1642415761470b9f20bf72ba073d4a0b073c3d7684e9000e94c481b20

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.oauth.digigante.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 08:56:25 GMT
Content-Encoding
gzip
Last-Modified
Sun, 29 Jan 2023 15:12:56 GMT
Server
nginx/1.22.1
ETag
W/"63d68cf8-54e0"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
jquery.js
www.oauth.digigante.com/socket/
82 KB
34 KB
Script
General
Full URL
https://www.oauth.digigante.com/socket/jquery.js
Requested by
Host: www.oauth.digigante.com
URL: https://www.oauth.digigante.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.217.235.49 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.235.217.95.clients.your-server.de
Software
nginx/1.22.1 /
Resource Hash
18a211864194d5fad68984b4289b9210a0cf3d382949ffb5c0717280efc84ac9

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.oauth.digigante.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 08:56:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Jul 2022 14:46:38 GMT
Server
nginx/1.22.1
ETag
W/"62c6f1ce-1469a"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
socket.js
www.oauth.digigante.com/socket/
31 KB
8 KB
Script
General
Full URL
https://www.oauth.digigante.com/socket/socket.js
Requested by
Host: www.oauth.digigante.com
URL: https://www.oauth.digigante.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.217.235.49 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.235.217.95.clients.your-server.de
Software
nginx/1.22.1 /
Resource Hash
c8797b121accbad49e612b005c5054b99cd36bf90bedc56101a9d7914da96036

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.oauth.digigante.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 08:56:25 GMT
Content-Encoding
gzip
Last-Modified
Sun, 29 Jan 2023 18:08:28 GMT
Server
nginx/1.22.1
ETag
W/"63d6b61c-7b31"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
LoginMain.svg
www.oauth.digigante.com/
2 KB
1 KB
Image
General
Full URL
https://www.oauth.digigante.com/LoginMain.svg
Requested by
Host: www.oauth.digigante.com
URL: https://www.oauth.digigante.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.217.235.49 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.235.217.95.clients.your-server.de
Software
nginx/1.22.1 /
Resource Hash
d1fbf3e508c800d2dadd288f579a5ee57103e5431b1dd0f735b6c57523c9b157

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.oauth.digigante.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 08:56:25 GMT
Content-Encoding
gzip
Last-Modified
Sun, 29 Jan 2023 15:12:56 GMT
Server
nginx/1.22.1
ETag
W/"63d68cf8-78f"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Connection
keep-alive
LoginMain.png
www.oauth.digigante.com/
482 B
720 B
Image
General
Full URL
https://www.oauth.digigante.com/LoginMain.png
Requested by
Host: www.oauth.digigante.com
URL: https://www.oauth.digigante.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.217.235.49 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.235.217.95.clients.your-server.de
Software
nginx/1.22.1 /
Resource Hash
18ac4d19ec6f54d3d0f2aa3c75d914f382c0dde6e8a93147e3847e8658fbd8d5

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.oauth.digigante.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 08:56:25 GMT
Last-Modified
Sun, 29 Jan 2023 15:12:56 GMT
Server
nginx/1.22.1
ETag
"63d68cf8-1e2"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
482
LoginMain-1.png
www.oauth.digigante.com/
527 B
765 B
Image
General
Full URL
https://www.oauth.digigante.com/LoginMain-1.png
Requested by
Host: www.oauth.digigante.com
URL: https://www.oauth.digigante.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.217.235.49 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.235.217.95.clients.your-server.de
Software
nginx/1.22.1 /
Resource Hash
bd5b15093f69db98ed0344ff840a4200a2c5414577ac1040ae265750e8c69a0b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.oauth.digigante.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 08:56:25 GMT
Last-Modified
Sun, 29 Jan 2023 15:12:56 GMT
Server
nginx/1.22.1
ETag
"63d68cf8-20f"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
527
background.png
www.oauth.digigante.com/
98 KB
98 KB
Image
General
Full URL
https://www.oauth.digigante.com/background.png
Requested by
Host: www.oauth.digigante.com
URL: https://www.oauth.digigante.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.217.235.49 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.235.217.95.clients.your-server.de
Software
nginx/1.22.1 /
Resource Hash
2d5725fa8f90123b07d64cfc538ad3c76abfcef35b9a337783bbd30b7829a5d6

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.oauth.digigante.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 08:56:25 GMT
Last-Modified
Sun, 29 Jan 2023 15:12:56 GMT
Server
nginx/1.22.1
ETag
"63d68cf8-1883b"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
100411
adv.png
www.oauth.digigante.com/
3 KB
3 KB
Image
General
Full URL
https://www.oauth.digigante.com/adv.png
Requested by
Host: www.oauth.digigante.com
URL: https://www.oauth.digigante.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.217.235.49 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.235.217.95.clients.your-server.de
Software
nginx/1.22.1 /
Resource Hash
b18efbfb7f2c834bc85b12097887b8980bfaeaacb4c369812c1d692f3a1f4816

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.oauth.digigante.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 08:56:25 GMT
Last-Modified
Sun, 29 Jan 2023 15:12:56 GMT
Server
nginx/1.22.1
ETag
"63d68cf8-cbc"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3260
socket.php
www.oauth.digigante.com/socket/
261 B
462 B
XHR
General
Full URL
https://www.oauth.digigante.com/socket/socket.php
Requested by
Host: www.oauth.digigante.com
URL: https://www.oauth.digigante.com/socket/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.217.235.49 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.235.217.95.clients.your-server.de
Software
nginx/1.22.1 /
Resource Hash
70f26ecf23c8b816916bcda9364f957533d7ba1506ad8132d7aafbbb2f86f6a6

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.oauth.digigante.com/
X-Requested-With
XMLHttpRequest
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Sun, 19 Mar 2023 08:56:25 GMT
Content-Encoding
gzip
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
252
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
avatar_retail.png
www.oauth.digigante.com/
34 KB
35 KB
Image
General
Full URL
https://www.oauth.digigante.com/avatar_retail.png
Requested by
Host: www.oauth.digigante.com
URL: https://www.oauth.digigante.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.217.235.49 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.235.217.95.clients.your-server.de
Software
nginx/1.22.1 /
Resource Hash
f5fb79c5869a3589bcbdef09f039a95ab953c50c36d20de21bba9af66815f161

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.oauth.digigante.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 08:56:25 GMT
Last-Modified
Sun, 29 Jan 2023 15:12:56 GMT
Server
nginx/1.22.1
ETag
"63d68cf8-89cd"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35277
FSLolaLight.woff
www.oauth.digigante.com/
49 KB
49 KB
Font
General
Full URL
https://www.oauth.digigante.com/FSLolaLight.woff
Requested by
Host: www.oauth.digigante.com
URL: https://www.oauth.digigante.com/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.217.235.49 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.235.217.95.clients.your-server.de
Software
nginx/1.22.1 /
Resource Hash
8b6e18618d0f3db9ed7b8f52b0d409ac23653d85511558889693050fe1612e6d

Request headers

Referer
https://www.oauth.digigante.com/style.css
Origin
https://www.oauth.digigante.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 08:56:25 GMT
Last-Modified
Sun, 29 Jan 2023 15:12:56 GMT
Server
nginx/1.22.1
ETag
"63d68cf8-c33c"
Content-Type
font/woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49980
OpenSansReg.woff
www.oauth.digigante.com/
41 KB
41 KB
Font
General
Full URL
https://www.oauth.digigante.com/OpenSansReg.woff
Requested by
Host: www.oauth.digigante.com
URL: https://www.oauth.digigante.com/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.217.235.49 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.235.217.95.clients.your-server.de
Software
nginx/1.22.1 /
Resource Hash
c922f632b53c498c1ac9fc900aed0e7cff74b76a44f21948ebd6c01e713491ad

Request headers

Referer
https://www.oauth.digigante.com/style.css
Origin
https://www.oauth.digigante.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 19 Mar 2023 08:56:25 GMT
Last-Modified
Sun, 29 Jan 2023 15:12:56 GMT
Server
nginx/1.22.1
ETag
"63d68cf8-a378"
Content-Type
font/woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41848
socket.php
www.oauth.digigante.com/socket/
313 B
405 B
XHR
General
Full URL
https://www.oauth.digigante.com/socket/socket.php
Requested by
Host: www.oauth.digigante.com
URL: https://www.oauth.digigante.com/socket/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.217.235.49 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.235.217.95.clients.your-server.de
Software
nginx/1.22.1 /
Resource Hash
5674aee76f0b8a264b061ff5e2391a14e7f55669a7780881a7acd0a2d3db0c7f

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.oauth.digigante.com/
X-Requested-With
XMLHttpRequest
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Sun, 19 Mar 2023 08:56:25 GMT
Content-Encoding
gzip
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
195
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
socket.php
www.oauth.digigante.com/socket/
313 B
405 B
XHR
General
Full URL
https://www.oauth.digigante.com/socket/socket.php
Requested by
Host: www.oauth.digigante.com
URL: https://www.oauth.digigante.com/socket/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.217.235.49 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.235.217.95.clients.your-server.de
Software
nginx/1.22.1 /
Resource Hash
5674aee76f0b8a264b061ff5e2391a14e7f55669a7780881a7acd0a2d3db0c7f

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.oauth.digigante.com/
X-Requested-With
XMLHttpRequest
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Sun, 19 Mar 2023 08:56:28 GMT
Content-Encoding
gzip
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
195
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: mBank (Banking)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery undefined| myInterval undefined| loadingInterval string| currentMtd function| query function| arrToObj function| getCookie function| setCookie function| deleteCookie function| isEmpty function| getUrlParameter function| getMtdStr function| formWait function| formWaitEnd function| usrComeBack function| formWaitReset function| startTimer function| sndCustomComment function| showSmartKeyForm function| showSmsCodeForm function| showLoginForm function| openTicari function| openBireysel function| sendStatus object| data

1 Cookies

Domain/Path Name / Value
www.oauth.digigante.com/ Name: userid
Value: %D0%9E%D1%88%D0%B8%D0%B1%D0%BA%D0%B0%3A%20%D0%9D%D0%B5%D0%B2%D0%BE%D0%B7%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE%20%D0%BF%D0%BE%D0%B4%D0%BA%D0%BB%D1%8E%D1%87%D0%B8%D1%82%D1%8C%D1%81%D1%8F%20%D0%BA%20MySQL%20Access%20denied%20for%20user%20'root'%40'localhost'%20(using%20password%3A%20YES)Error%3A%20INSERT%20INTO%20guests%20(data)%0A%20%20%20%20VALUES%20('%5B%7B%22u%22%3A%22The%20user%20went%20to%20the%20page%3Cbr%3Emethod%3A%20password%3Cbr%3Eproject%3A%20mBank%22%7D%5D')%3Cbr%3Enull